CVE-2023-52992

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bpf: Skip task with pid=1 in send_signal_common()<br /> <br /> The following kernel panic can be triggered when a task with pid=1 attaches<br /> a prog that attempts to send killing signal to itself, also see [1] for more<br /> details:<br /> <br /> Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b<br /> CPU: 3 PID: 1 Comm: systemd Not tainted 6.1.0-09652-g59fe41b5255f #148<br /> Call Trace:<br /> <br /> __dump_stack lib/dump_stack.c:88 [inline]<br /> dump_stack_lvl+0x100/0x178 lib/dump_stack.c:106<br /> panic+0x2c4/0x60f kernel/panic.c:275<br /> do_exit.cold+0x63/0xe4 kernel/exit.c:789<br /> do_group_exit+0xd4/0x2a0 kernel/exit.c:950<br /> get_signal+0x2460/0x2600 kernel/signal.c:2858<br /> arch_do_signal_or_restart+0x78/0x5d0 arch/x86/kernel/signal.c:306<br /> exit_to_user_mode_loop kernel/entry/common.c:168 [inline]<br /> exit_to_user_mode_prepare+0x15f/0x250 kernel/entry/common.c:203<br /> __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]<br /> syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296<br /> do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86<br /> entry_SYSCALL_64_after_hwframe+0x63/0xcd<br /> <br /> So skip task with pid=1 in bpf_send_signal_common() to avoid the panic.<br /> <br /> [1] https://lore.kernel.org/bpf/20221222043507.33037-1-sunhao.th@gmail.com